Austin Technology Law Blog

Stuxnet - Malware That James Bond Would Be Proud Of?

UPDATE September 30, 2010:  Further to the story below, the New York Times reports that experts deconstructing the Stuxnet virus have found a file named "Myrtus", which is supposedly the Hebrew word for Esther's name (Hadassah) before she was selected as queen.  Esther is a book in the Hebrew Bible (Old Testament) in which a plot by the leaders of Persia (now known as Iran) to destroy the Jews is foiled by Esther, which then allowed the Jews to kill about 75,000 Persians in reprisal.  The naming of this file could be signficant as a calling card or could just be an attempt to shift blame (or could just be the name of someone's mother or cat). 

This sounds more and more like Tom Clancy is making this up.

ORIGINAL POST:  As our many readers will surely recall, this blog was all over the Stuxnet story when it broke a few months ago.  For those that don't remember, Stuxnet is a malware that targets commercial systems (primarily power plants) by attacking a vulnerability in a Siemen's system using a particular Microsoft operating system.  It was originally thought to be delivered via a USB thumb drive but experts now say it is in the wild and can be delivered in different ways.  Also, it was originally thought to be used just to copy plans for the power plants but now it is surmised that it could be used to sabotage such plants.  Experts that have now broken the code for the malware see a sophistication, knowledge and complexity that is not commonly available to any one or more non-affiliated hackers.  This has lead the same experts to speculate (emphasis on the speculative nature as there is no hard evidence, yet) that this was probably the actions of a nation state.

Experts to whom this blog has spoken have stated that because Stuxnet was first discovered in Iran and most of the activity is still in Iran and specifically at one of their nuclear power plants (one that has been mysteriously delayed in coming on line), it probably came from one of the nations not particularly happy about Iran having nuclear power.  Likely suspects are (you guessed it) the CIA or maybe even Mossad.

Of course, nobody really knows and maybe never will.  However, the lesson to be learned from this is that malware (whether state sponsored or otherwise) is rapidly becoming more sophisticated and could pose much greater risks in the future.

Cue the 007 music.

Trackbacks (0) Links to blogs that reference this article Trackback URL
http://www.austintechnologylawblog.com/admin/trackback/223538
Comments (0) Read through and enter the discussion with the form at the end
Stanfield Law PLLC
807 Brazos Street, Suite 404
Austin, Texas 78701
Phone:
512-482-0040
Fax:
512-472-8181